
SC-200 Microsoft Security Operations Analyst, Part 2 of 9: Microsoft 365 Defender

with expert Cristian Calinescu




Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 3/25/2022
Level Beginner
Runtime 2h 59m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code Included
Exams Included





Course description

The SC-200 Microsoft Security Operations Analyst exam measures your ability to accomplish the following technical tasks: mitigate threats using Microsoft 365 Defender (25-30%); mitigate threats using Microsoft Defender for Cloud (25-30%); and mitigate threats using Microsoft Sentinel (40-45%).

Prerequisites

Basic understanding of Microsoft 365 environment, security, compliance and identity products; Windows 10/11; familiarity with Azure services, DB and Storage; basic understanding of scripting concepts.

Meet the expert

Cristian Calinescu is a Microsoft certified Azure Solutions Architect Expert, Senior Infrastructure Engineer and Infrastructure Security Operations Manager.

Course outline



Module 2

Threat Protection with Microsoft 365 Defender (43:30)
  • Introduction (00:08)
  • Threat Protection with Microsoft 365 Defender (01:47)
  • Introduction to Threat Protection (03:03)
  • Common Threats (02:17)
  • Defender Architecture (07:04)
  • Incidents in Microsoft 365 Defender (00:30)
  • Defender Portal (01:56)
  • Demo: Defender Portal (26:33)
  • Summary (00:08)
Advanced Hunting (23:26)
  • Introduction (00:08)
  • Advanced Hunting (06:56)
  • Demo: Advanced Hunting (06:01)
  • Threat Hunting (06:09)
  • Threat Hunting within Network (00:06)
  • Consult Microsoft Threat Experts (03:57)
  • Summary (00:08)

Module 3

Remediate risks with Microsoft 365 Defender (34:33)
  • Introduction (00:08)
  • Remediate Risks (04:44)
  • Automate - Investigate - Remediate (08:22)
  • Simulate Attacks (05:51)
  • Microsoft Defender for Identities (01:50)
  • Monitor and Profile user Behavior Activities (02:22)
  • Identify Suspicious Activities (04:55)
  • Configure Microsoft Defender for Identity Sensors (06:09)
  • Summary (00:08)
Azure AD Identity Protection (41:49)
  • Introduction (00:08)
  • Azure AD Identity Protection (01:27)
  • What are Risks (02:06)
  • Identity Protection Workflow (09:41)
  • Investigate Risks (02:53)
  • Unblock Users (03:25)
  • Microsoft Defender for Cloud Apps (05:15)
  • Cloud Discovery (03:28)
  • Conditional Access App Control (05:38)
  • Classify and Protect Sensitive Information (07:35)
  • Summary (00:08)
Respond to DLP Alerts (36:05)
  • Introduction (00:08)
  • Respond to DLP Alerts (03:55)
  • Data Loss Prevention Components (03:28)
  • Demo: Alerts and Compliance Policy (09:05)
  • Manage Insider Risk Management in Microsoft 365 (04:18)
  • Insider Risk (01:47)
  • Common Risk Scenarios (01:47)
  • Risk Management Workflow (02:41)
  • Manage Risk Policies (03:51)
  • Demo: Risk (04:54)
  • Summary (00:08)